SharpSploitConsole – Console Application Designed To Interact With SharpSploit

Console Application designed to interact with SharpSploit released by @cobbr_ioSharpSploit is a tool written by @cobbr_io that combines many techniques/C# code from the infosec community and combines it into one sweet DLL. It’s awesome so check it out!DescriptionSharpSploit Console is just a quick proof of concept binary to help penetration testers or red teams with less C# experience play with some of the awesomeness that is SharpSploit. By following the instructions below you should be able to embed both the SharpSploit.dll and System.Management.Automation.dll into the SharpSploitConsole binary, creating a standalone exe you can drop on an appropriate target sytem and run over a non-interactive shell (such as beacon).This concept can be applied to many C# binaries. For example, we could embed the System.Management.Automation.dll into our favorite C# NoPowershell.exe, creating a binary that doesn’t rely on the System.Management.Automation.dll on the target system.

Contact at:

Twitter: @anthemtotheego or @g0ldengunsec

Setup – Quick and DirtyNote: For those of you who don’t want to go through the trouble of compiling your own I uploaded an x64 and x86 binary found in the CompiledBinaries folder. For those of you who do want to compile your own… I used Windows 10, Visual Studio 2017 – mileage may vary

Open up SharpSploit.sln in Visual Studio and compile (make sure to compile for correct architecture) – Should see drop down with Any CPU > Click on it and open Configuration Manager > under platform change to desired architecture and select ok.

Download SharpSploitConsole tool and open up SharpSploitConsole.sln

Copy both SharpSploit.dll and System.Management.Automation.dll found in SharpSploit/bin/x64/Debug directory into SharpSploitConsole/bin/x64/Debug folder

Next we will set up visual studio to embed our DLL’s into our exe so we can just have a single binary we can run on our target machine. We will do this by doing the following:

Inside visual studio, right click References on the righthand side, choose Add Reference, then browse to the SharpSploitConsole/bin/x64/Debug directory where we put our two DLL’s, select them and add them.

Compile, drop binary on target computer and have fun.

ExamplesNote: All commands are case insensitiveBy default all commands can be taken in as command line args, they will be executed and the program will exit (great for remote shells). This looks something like the following: sharpSploitConsole.exe getSystem logonPasswords. Alternatively, if you want to use the interactive console mode, you can use the interact command to get a pseudo-interactive shell.Start interactive console mode:

Interact

Mimikatz all the things (does not run DCSync) – requires admin or system: